#OpFrance: Anssi's countermeasures. The big cyber attack for today?

#OpFrance: Anssi's countermeasures. The big cyber attack for today?

Update : the MECA group (Middle East Cyber ​​Army) has just announced the start of the operation on January 15th. For the time being, only communication with the promise of massive displacement and " big big surprises ".


Following the murderous attack at the Charlie Hebdo headquarters in Paris, Anonymous quickly set up a reprisal operation #OpCharlieHebdo with mainly in the line of sight jihadist propaganda sites and social network accounts. On Wednesday, this initiative claimed in particular the suspension of nearly 200 Twitter accounts in connection with alleged terrorism.

AnonGhostBut #OpCharlieHebdo brought hackers out of the woods, some of whom displayed support for an organization like ISIS or other more moderate pro-Islam hackers. A set of rather disparate hackers with sometimes regroupings of opportunity which are behind anti-Charlie attacks and a rallying operation #OpFrance.

#OpFrance seems to be for the moment an operation that strikes blindly and takes advantage, for example, of known flaws to disrupt the proper functioning of a large number of sites such as town halls, university and school sites, hospitals, Catholic parishes and even small businesses.

National authority in matters of security and defense of information systems, Anssi closely follows the evolution of #OpFrance and other similar campaigns. For now, it says that " the vast majority of attacks "are defaces (modification of the page of a site after exploitation of a generally known vulnerability) and DDoS (distributed denial of service; site inaccessible because the server is crumbling under requests).

For Anssi, it is possible to guard against such cyberattacks. The National Information Systems Security Agency has published two sheets to this effect:

We will find recommendations of which to limit as much as possible defacations with pointed fingers the most common vectors: weak password for the administration of the site, CMS content manager not up to date (without the latest security patches), use an unmaintained software brick.

Faced with attacks by distributed denial of service, it is more difficult unless you adopt specific protection solutions mentioned in the information sheet and rely in particular on hosts who sometimes offer protection against such attacks.

We can hope that #OpFrance will have raised awareness of the importance of applying security measures for sites. But it is today that the level of vigilance must be at its maximum with the fear of a major cyber attack. The date of January 15 has indeed been mentioned several times in the context of #OpFrance.

Have 0-day vulnerabilities (without patch) been obtained on the black market in order to attack sensitive systems? It could also involve striking more heavily at French State sites. Will an attack at Sony Pictures target an information system? A last hypothesis which seems hardly credible at present.